The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This document describes how to upgrade or downgrade Cisco NX-OS software for the Cisco Nexus 5000 Series switches and Cisco Nexus 2000 Series Fabric Extenders.
This document includes these sections:
Cisco Nexus 5000 Series switches are shipped with the Cisco NX-OS software pre-installed on the switches. Before upgrading from an existing image, you should read through the information in this document to understand the guidelines, prerequisites, and procedures for upgrading software.
The Cisco NX-OS software consists of the kickstart image and the system image. The image files are located in directories or folders that you can access from the Cisco NX-OS software prompt. Image filenames identify the software release.
The running configuration is saved to the booflash image which is located on the supervisor module.
Cisco NX-OS software upgrades can be disruptive or nondisruptive. A disruptive upgrade triggers a switch reload for the new image to take effect and the data plane and control plane go down. Upgrades from Cisco NX-OS Release 4.1(3)N2(1) or earlier releases are disruptive. Upgrades that are disruptive should be done during scheduled maintenance.
A nondisruptive upgrade does not trigger a switch reload to make the new image take effect. The data plane remains up while the control plane goes down for approximately 80 seconds. A nondisruptive upgrade is known as an In-Service Software Upgrade (ISSU). Cisco NX-OS Release 4.2(1)N1(1) and later releases support ISSU. An ISSU increases network availability and reduces downtime caused by planned software upgrades.
If the above conditions are not met when you upgrade from NX-OS Release 4.2(1)N2(1) or later releases, then you have the option to perform a nondisruptive or a disruptive upgrade. For information on performing either a nondisruptive or disruptive upgrade, see Upgrading from Cisco NX-OS Release 4.2(1)N1(1) and Later Releases.
As of Cisco NX-OS Release 4.2(1)N1(1), In-Service Software Upgrades (ISSUs) are supported on the Cisco Nexus 5000 Series switches. An ISSU can update the software images on your device without disrupting data traffic. Only control traffic is disrupted.
Performing an ISSU requires specific conditions. Read the following section to determine if you can perform an ISSU.
Before performing an ISSU, review the prerequisites and guidelines described in this section.
If the STP conditions are not met, the installation check will indicate that the upgrade would be disruptive. In this case, you can perform an upgrade at a later time or perform a disruptive upgrade.
Before performing an ISSU, follow these guidelines:
Configuration Changes
You cannot enter configuration mode during an ISSU. You should save, commit, or discard any active configuration sessions before upgrading or downgrading the Cisco NX-OS software image. The active configuration session is deleted without warning during a reload.
Use the show configuration session summary command to verify that there are no active configuration sessions.
switch# show configuration session summary
There are no active configuration sessions
For more information on configuration sessions, see the Cisco Nexus 5000 Series System Management Configuration Guide.
Topology Changes
You should make topology changes such as STP or FC fabric changes that affect zoning, Fabric Shortest Path First (FSPF), or domain manager should be done before you perform an ISSU. You should perform module installations or removals only before or after an ISSU.
Scheduling
You should upgrade when your network is stable and steady. Ensure that everyone who has access to the switch or the network is not configuring the switch or the network during this time. You cannot configure a switch during an upgrade.
Space
Verify that sufficient space is available in the location where you are copying the images. The internal bootflash has approximately 200 MB of free space available.
Hardware
Avoid power interruptions during an install procedure. Power interruptions can corrupt the software image.
Ethernet interfaces on the switch and the Fabric Extenders
To avoid link down to link up transitions during the control plane outage time, the laser is turned off for administratively up ports that are operationally down. This situation occurs during the ISSU reboot starting state when the Cisco Nexus 5000 Series switch and the Cisco Nexus 2000 Series Fabric Extender applications stop communicating with each other. After the ISSU reboot and a stateful restart, the laser is turned back on. This action effectively prevents the link state from transitioning from down to up during an ISSU.
Connectivity to remote servers
Configure the IPv4 address or IPv6 address for the 10/100/1000 BASE-T Ethernet port connection (interface mgmt0). Ensure that the switch has a route to the remote server. The switch and the remote server must be in the same subnetwork if you do not have a router to route traffic between subnets.
Software images
Ensure that the specified system and kickstart images are compatible with each other as follows:
Commands
Use the following commands to prepare for and install the new software:
Use the ping command to verify connectivity to the remote server.
Use the dir command to verify the required space is available for the image files to be copied.
Note |
Before you can perform an ISSU, the primary switch and the Fabric Extender must show copy-only or non-disruptive upgrade for the upgrade type. |
Use the show incompatibility system command to find if there are any configurations on the current system that would be incompatible with the new software version. If there are incompatible configurations, they need to be removed for a non-disruptive ISSU.
Use the show spanning-tree issu-impact command on the Cisco Nexus 5000 Series switches in a Virtual Portchannel (vPC) topology before performing an ISSU to review the spanning-tree configuration. The Nexus 5000 Series switches must have the following configuration:
The spanning-tree configuration cannot have any designated port, with the exception of ports that are configured as a port-type edge with Bridge Protocol Data Unit (BPDU) Filtering.
Note |
Do not disable Bridge Assurance globally if you are running vPC because this may cause a Type-1 global inconsistency. |
The Cisco Nexus 5000 Series switch cannot be the STP root bridge or have any designated non-edge ports in the STP topology.
The Cisco Nexus 5000 Series switch and the Cisco Nexus 2000 Fabric Extenders that are undergoing an ISSU must be a leaf on the spanning tree.
Note |
If you upgrade a Cisco Nexus 5000 Series switch that is part of a vPC topology, make sure to upgrade one switch at a time. After the first switch upgrade is complete, then begin to upgrade the next switch. You must allow each switch to finish the upgrade before you upgrade the next switch in the topology. |
Run only one installation on a switch at a time.
Do not issue another command while running the installation.
If the Fabric Extender are not compatible with the software image that you install on the Cisco Nexus 5000 Series switch, some traffic disruption may occur depending on your configuration. The install all command output will provide options for you to choose to proceed with the upgrade or end the upgrade.
Terminology
Term |
Definition |
|
---|---|---|
bootable |
The ability of the module to boot or not boot based on image compatibility. |
|
impact |
The type of software upgrade mechanism—disruptive or nondisruptive. |
|
install-type |
reset |
Resets the module. |
sw-reset |
Resets the module immediately after a switchover. |
|
rolling |
Upgrades each module in sequence. |
|
copy-only |
Updates the software for BIOS, loader, or bootrom. |
The following protocol guidelines apply when performing an ISSU on Cisco Nexus 5000 Series switches and Cisco Nexus 2000 Series fabric extenders:
Telnet and SSH
When you restart the switch after an ISSU, all active Telnet and SSH sessions to the switch are disconnected. You must reestablished these connections once the switch is back online. All Telnet and SSH sessions that originate from the switch to any external switch or Fabric Extender are also disconnected and will also need to be reestablished.
HTTP
The HTTP sessions to the Cisco Nexus 5000 Series switch are disconnected during an ISSU reboot. After the ISSU reboot, the HTTP service is restarted.
Network Time Protocol
The Network Time Protocol (NTP) sessions to and from the switch are disrupted during an ISSU. After an ISSU, the NTP session will be re-established based on the saved startup configuration.
AAA/Radius
Applications that leverage the AAA Service (such as "Login") will be disabled during an ISSU. Since all network management services are disabled during this time, this behavior is consistent.
Control Plane
During an ISSU, the control plane functions of the switch are temporarily suspended for less than 80 seconds. Configuration changes are not allowed during this time. If a change does occur, the impact can be varied. To ensure a nondisruptive upgrade, you should perform and ISSU when there are no changes to the fabric.
Cisco Fabric Services
If you enable Cisco Fabric Services (CFS) for an application, the configuration for the application on a switch triggers a lock on all switches in the fabric for that application.
As part of the upgrade process, CFS checks to see if an application is locked. If there is a lock on an application, the ISSU upgrade request fails you should perform an upgrade later when the CFS lock is released.
During an ISSU, a CFS distribution cannot occur until the upgrade is complete.
N-Port Virtualization
If an N-Port Virtualization (NPV) uplink port is down during an ISSU, the NPV process cannot react and servers are not notified when an F Port link is down. A failover to a secondary uplink, if it exists, does not occur until the ISSU is complete.
FLOGI and FDISC Handling
When an F Port is undergoing an ISSU upgrade, the NPV process is down. Any FLOGI, FDISC login, or login request from a server fails until the ISSU has completed.
Fabric Shortest Path First
FSPF declares a link down if it does not receive a hello packet from a peer within the specified dead time interval. You can configure the FSPF hello and dead time intervals on each interface. The values must be the same for the ports at both ends of the ISL. If the hello and dead time intervals do not match, the hello messages are discarded.
As part of the upgrade process, FSPF checks the dead time interval on all interfaces. If any of the dead time intervals are less than 80 seconds, the ISSU does not begin. You can perform and upgrade after you increase the dead time interval. Before a switch reboot (an ISSU automatically reboots the switch), FSPF sends out hello packets on all interfaces to prevent a neighbor switch from marking the route to the ISSU switch as down in its route calculation because the neighbor switch did not get a hello message within the dead time interval.
When an ISSU is in progress, route changes in the fabric are not processed, for example, when an E Port (or TE Port) is brought down.
Zone Server
An ISSU will stop if a zone merge or zone change request is in progress. During an ISSU, since EPP and merge requests are not processed, a peer switch is not able to bring up E ports (or TE ports) connected to the switch undergoing an ISSU until the ISSU is complete.
A peer switch zone change request will not be answered by a switch undergoing an ISSU. Zone configuration changes on other switches connected to a switch undergoing an ISSU will fail until the ISSU is complete.
LACP
IEEE 802.3ad provides for the default slow aging timers to be transmitted once every 30 seconds in steady state and will expire after 90 seconds. An ISSU should not impact peers that rely on LACP because the recovery time is less than 90 seconds.
Fast LACP timers (hello=1 sec, dead=3 sec) is not supported by a nondisruptive ISSU.
IGMP
IGMP will not disrupt existing flows of multicast traffic that are already present, but new flows will not be learned (they will be dropped) until an ISSU completes. New router ports or changes to router ports will also not be detected during this time
DCBX and LLDP
DCBX uses LLDP to exchange parameters between peer devices. Since DCBX is a link-local protocol, when the switch undergoes an ISSU, the age time is increased on all ports on switches and fabric extenders that are being upgraded. The configuration will be ignored if manually specified.
CDP
During an ISSU, the time-to-live value is increased (to 180 seconds) if it is less than the recommended timeout value. The configuration will be ignored if manually specified.
The following conditions will stop an ISSU process from continuing:
If the supervisor module bootflash: file system does not have sufficient space to accept the updated image.
If images are incompatible after an upgrade. For example, an I/O module image may be incompatible with the system image, or a kickstart image may be incompatible with a system image. This condition is shown in the show install all impact command output in the compatibility check section of the output (under the Bootable column).
If the specified system and kickstart images are not compatible.
If configuration changes are made while the upgrade is in progress.
If hardware is installed or removed while the upgrade is in progress.
If there is a power disruption while the upgrade is in progress.
If the entire path for the remote server location is not specified accurately.
The Cisco NX-OS software prevents most configuration changes while the install all command is in progress. However, the Cisco NX-OS software allows configuration changes from Cisco Fabric Services (CFS) and those changes may affect the ISSU.
The install all command triggers the ISSU on Cisco Nexus 5000 Series switches and Cisco Nexus 2000 Series Fabric Extenders. The command provides the following benefits:
You can upgrade the Cisco Nexus 5000 Series switches and the Nexus 2000 Series Fabric Extenders using just one command.
You can receive descriptive information about the intended changes to your system before you continue with the installation. For example, it identifies potential disruptive upgrades.
You can continue or cancel the upgrade when you see this question (the default is no):
Do you want to continue (y/n) [n] : y
You can upgrade the Cisco NX-OS software using a nondisruptive procedure.
The command automatically checks the image integrity, which includes the running kickstart and system images. The command sets the kickstart and system boot variables.
The command performs a platform validity check to verify that a wrong image is not used.
The Ctrl-c escape sequence gracefully ends the install all command. The command sequence completes the update step in progress and returns to the EXEC prompt.
After issuing the install all command, if any step in the sequence fails, the upgrade ends.
Warning: please do not remove or power off the module at this time. Note: Power-seq upgrade needs a power-cycle to take into effect. On success of power-seq upgrade, SWITCH OFF THE POWER to the system and then, power it up.
You can force a disruptive upgrade. For information on forcing an upgrade, see Forcing an Upgrade.
This table lists the show commands that identify the impact or potential problems that may occur when performing an ISSU.
Command | Definition |
---|---|
show incompatibility system | Displays incompatible configurations on the current system that will impact the upgrade version. |
show install all impact | Displays information that describes the impact of the upgrade on each Fabric Extender including the current and upgrade-image versions. This command also displays if the upgrade is disruptive or not and if the Fabric Extender needs to be rebooted, and the reason why. |
show spanning-tree issu-impact | Displays the spanning-tree configuration and whether or not there are potential STP issues. |
show lacp issu-impact | Displays the port priority information and whether or not there are potential issues. |
This table lists the show commands tat are used to monitor installation upgrades.
Command | Definition |
---|---|
show fex | Displays the fabric extender status during an ISSU. |
show install all failure-reason | Displays the applications that failed during an installation and why the installation failed. |
show install all status | Displays a high-level log of the installation. |
show system internal log install details | Displays detailed logs of the last installation-related command. |
show system internal log install history | Displays detailed logs of the last five installation-related commands, from oldest to newest. |
show tech-support | Displays the system and configuration information that you can provide to the Cisco Technical Assistance Center when reporting a problem. |
The following example shows the output from the show install all status command:
There is an on-going installation... Enter Ctrl-C to go back to the prompt. Continuing with installation process, please wait. The login will be disabled until the installation is completed. Performing supervisor state verification. SUCCESS Supervisor non-disruptive upgrade successful. Pre-loading modules. SUCCESS Module 198: Non-disruptive upgrading. SUCCESS Module 199: Non-disruptive upgrading. SUCCESS Install has been successful. (hit Ctrl-C here) switch#
The following example shows the output from the show fex command on two vPC peer switches where Fex 198 and Fex 199 are upgraded:
switch-1# show fex FEX FEX FEX FEX Number Description State Model Serial ------------------------------------------------------------------------ 198 FEX0198 Hitless Upg Idle N2K-C2248TP-1GE JAF1342ANQP 199 FEX0199 Online N2K-C2248TP-1GE JAF1342ANRL
switch-2# show fex FEX FEX FEX FEX Number Description State Model Serial ------------------------------------------------------------------------ 198 FEX0198 FEX AA Upg Idle N2K-C2248TP-1GE JAF1342ANQP 199 FEX0199 Online N2K-C2248TP-1GE JAF1342ANRL
To view the vPC status, enter the show vpc command on a peer switch.
switch-2# show vpc Legend: (*) - local vPC is down, forwarding via vPC peer-link vPC domain id : 1000 Peer status : peer adjacency formed ok vPC keep-alive status : Suspended during ISSU Configuration consistency status: success vPC role : primary, operational secondary Number of vPCs configured : 100 Peer Gateway : Disabled Dual-active excluded VLANs : 40 vPC Peer-link status ------------------------------------------------ id Port Status Active vlans -- ---- ------ ----------------------------- 1 Po100 up 1,40
2010 Feb 4 00:09:26 MN5020-4 %$ VDC-1 %$ %VPC-2-PEER_KEEP_ALIVE_RECV_FAIL: In domain 1000, VPC peer keep-alive receive has failed
Installation status messages such as the following may appear on peer switches as the primary switch is upgraded.
switch-2# 2010 Jun 10 18:27:25 N5K2 %$ VDC-1 %$ %SATCTRL-2-SATCTRL_IMAGE: FEX100 Image update in progress.
switch-2# 2010 Jun 10 18:32:54 N5K2 %$ VDC-1 %$ %SATCTRL-2-SATCTRL_IMAGE: FEX100 Image update complete. Install pending
When the first Cisco Nexus 5000 Series switch in a topology is rebooted during a disruptive upgrade, you can verify the status of the Fabric Extenders.
To view the status of the Fabric Extenders, enter the show fex command after the switch reboots.
switch-1# show fex 100 FEX: 100 Description: FEX0100 state: Image Download FEX version: 4.1(3)N1(1) [Switch version: 4.2(1)N1(1)] pinning-mode: static Max-links: 1 Fabric port for control traffic: Eth1/37 Fabric interface state: Po5 - Interface Up. State: Active Eth1/37 - Interface Up. State: Active
To view the status of the Fabric Extenders on a secondary peer switch, enter the show fex command.
switch-2# show fex 100 FEX: 100 Description: FEX0100 state: Online FEX version: 4.1(3)N1(1) [Switch version: 4.1(3)N1(1)] Extender Model: N2K-C2148T-1GE, Extender Serial: JAF1343BHCK Part No: 73-12009-06 pinning-mode: static Max-links: 1 Fabric port for control traffic: Eth1/37 Fabric interface state: Po5 - Interface Up. State: Active Eth1/37 - Interface Up. State: Active
Note |
Fabric Extender rolling upgrades can also be monitored using the console port or you can Telnet back into the primary switch and enter the show install all status command. |
The Cisco Nexus 2000 Series Fabric Extender is managed by its parent Cisco Nexus 5000 Series switch over the fabric interfaces through a zero-touch configuration model. You upgrade the Fabric Extender by upgrading the software on the parent Cisco Nexus 5000 Series switch.
When a Fabric Extender has been correctly associated with a parent switch, the following upgrade operations are performed:
The switch checks the software image compatibility and upgrades the Fabric Extender if necessary.
The switch pushes the configuration data to the fabric extender. The Fabric Extender does not store any configuration locally.
The Fabric Extender updates the switch with its operational status. All fabric extender information is displayed using the switch commands for monitoring and troubleshooting.
Note |
Prior to Cisco NX-OS Release 4.1(3)N1(1), a Cisco Nexus 2000 Series Fabric Extender could be managed by one parent switch only. |
Cisco NX-OS Release 4.2(1)N1(1) and later releases support ISSU rolling upgrades on all associated Cisco Nexus 2148T, Nexus 2248TP, and Nexus 2232PP Fabric Extenders.
In rolling upgrades, fabric extenders are upgraded one at a time. The upgrade of one fabric extender must finish successfully before the upgrade of the next fabric extender can begin. If an upgrade fails, then the ISSU stops. Upgrades to any subsequent fabric extenders are not completed.
In nonrolling upgrades, Fabric Extender are upgraded at the same time. Nonrolling upgrades are not supported in Cisco NX-OS Release 4.2(1)N1(1).
In vPC topologies, either the primary or secondary Cisco Nexus 5000 Series switch can upgrade all Fabric Extenders in the topology. The switch that you upgrade first upgrades the associated Fabric Extenders. You should upgrade the next switch after the first switch upgrades all associated Fabric Extenders. During this time, the two Cisco Nexus 5000 Series switches will temporarily run different Cisco NX-OS software versions.
Note |
To perform a nondisruptive upgrade from Release 4.2(1)N1(1) and later releases, see the About In-Service Software Upgrades section to determine whether or not you can perform an ISSU. |
For important release-specific information, read the release notes for the new image file. See the Cisco Nexus 5000 Series and Cisco Nexus 2000 Series Release Notes at http://www.cisco.com/en/US/products/ps9670/prod_release_notes_list.html.
This procedure requires the following:
1. Log in to Cisco.com to access the Software Download Center. To log in to Cisco.com, go to http://www.cisco.com/ and click Log In at the top of the page. Enter your Cisco username and password.
2. Select and download the kickstart and system software files to a local server.
3. Verify that the required space is available in the bootflash: directory for the image file(s) to be copied.
4. (Optional) If you need more space on the bootflash, delete unnecessary files to make space available.
5. Copy the new kickstart and system images to the switch bootflash by using a transfer protocol such as ftp, tftp, scp, or sftp. The examples in this procedure use scp.
6. Enter the show install all impact command to display the impact of the upgrade.
7. Enter the install all command to install the new images, specifying the new image names that you downloaded in the previous step.
8. Verify that the switch is running the required software release.
Step 1 |
Log in to Cisco.com to access the Software Download Center. To log in to Cisco.com, go to http://www.cisco.com/ and click Log In at the top of the page. Enter your Cisco username and password.
You see links to the download images for the switch. |
||
Step 2 | Select and download the kickstart and system software files to a local server. | ||
Step 3 |
Verify that the required space is available in the bootflash: directory for the image file(s) to be copied. switch# dir bootflash: 4681 May 24 02:43:52 2010 config 13176836 May 24 07:19:36 2010 gdb.1 49152 Jan 12 18:38:36 2009 lost+found/ 310556 Dec 23 02:53:28 2008 n1 20058112 Jun 25 23:17:44 2010 n5000-uk9-kickstart.4.1.3.N1.1.bin 20217856 May 09 23:17:11 2010 n5000-uk9-kickstart.4.0.1a.N1.0.62.bin 76930262 Jun 25 23:11:47 2010 n5000-uk9.4.1.3.N1.1.bin 103484727 May 09 23:10:02 2010 n5000-uk9.4.0.1a.N1.0.62.bin Usage for bootflash://sup-local 74934272 bytes used 5550080 bytes free 80484352 bytes total
|
||
Step 4 |
(Optional) If you need more space on the bootflash, delete unnecessary files to make space available. switch# delete bootflash:n5000-uk9-kickstart.4.0.1a.N1.0.62.bin switch# delete bootflash:n5000-uk9.4.0.1a.N1.0.62.bin |
||
Step 5 |
Copy the new kickstart and system images to the switch bootflash by using a transfer protocol such as ftp, tftp, scp, or sftp. The examples in this procedure use scp. switch# copy scp://user@scpserver.cisco.com/downloads/n5000-uk9.4.2.1.N1.1.bin bootflash:n5000-uk9.4.2.1.N1.1.bin switch# copy scp://user@scpserver.cisco.com/downloads/n5000-uk9-kickstart.4.2.1.N1.1.bin bootflash:n5000-uk9-kickstart.4.2.1.N1.1.bin |
||
Step 6 |
Enter the show install all impact command to display the impact of the upgrade. switch# show install all impact kickstart bootflash:n5000-uk9-kickstart.4.2.1.N1.1.bin system bootflash:n5000-uk9.4.2.1.N1.1.bin Verifying image bootflash:/n5000-uk9-kickstart.4.2.1.N1.1.bin for boot variable "kickstart". [####################] 100% -- SUCCESS Verifying image bootflash:/n5000-uk9.4.2.1.N1.1.bin for boot variable "system". [####################] 100% -- SUCCESS Verifying image type. [########### ] 50% [####################] 100% -- SUCCESS Extracting "system" version from image bootflash:/n5000-uk9.4.2.1.N1.1.bin. [####################] 100% -- SUCCESS Extracting "kickstart" version from image bootflash:/n5000-uk9-kickstart.4.2.1.N 1.1.bin. [####################] 100% -- SUCCESS Extracting "bios" version from image bootflash:/n5000-uk9.4.2.1.N1.1.bin. [####################] 100% -- SUCCESS Extracting "fex" version from image bootflash:/n5000-uk9.4.2.1.N1.1.bin. [####################] 100% -- SUCCESS Notifying services about system upgrade. [####################] 100% -- SUCCESS Compatibility check is done: Module bootable Impact Install-type Reason ------ -------- -------------- ------------ ------ 1 yes disruptive reset Reset due to single supervisor 100 yes disruptive reset Reset due to single supervisor Images will be upgraded according to following table: Module Image Running-Version New-Version Upg-Required ------ ---------- ---------------------- ---------------------- ------------ 1 system 4.1(3)N1(1) 4.2(1)N1(1) yes 1 kickstart 4.1(3)N1(1) 4.2(1)N1(1) yes 1 bios v1.3.0(09/08/09) no 100 fex 4.1(3)N1(1) 4.2(1)N1(1) yes |
||
Step 7 |
Enter the install all command to install the new images, specifying the new image names that you downloaded in the previous step. switch# install all kickstart bootflash:n5000-uk9-kickstart.4.2.1.N1.1.bin system bootflash:n5000-uk9.4.2.1.N1.1.bin Verifying image bootflash:/n5000-uk9-kickstart.4.2.1.N1.1.bin for boot variable "kickstart". [####################] 100% -- SUCCESS Verifying image bootflash:/n5000-uk9.4.2.1.N1.1.bin for boot variable "system". [####################] 100% -- SUCCESS Verifying image type. [####################] 100% -- SUCCESS Extracting "system" version from image bootflash:/n5000-uk9.4.2.1.N1.1.bin. [####################] 100% -- SUCCESS Extracting "kickstart" version from image bootflash:/n5000-uk9-kickstart.4.2.1.N1.1.bin. [####################] 100% -- SUCCESS Extracting "bios" version from image bootflash:/n5000-uk9.4.2.1.N1.1.bin. [####################] 100% -- SUCCESS Extracting "fex" version from image bootflash:/n5000-uk9.4.2.1.N1.1.bin. [####################] 100% -- SUCCESS Notifying services about system upgrade. [####################] 100% -- SUCCESS Compatibility check is done: Module bootable Impact Install-type Reason ------ -------- -------------- ------------ ------ 1 yes disruptive reset Reset due to single supervisor 100 yes disruptive reset Reset due to single supervisor Images will be upgraded according to following table: Module Image Running-Version New-Version Upg-Required ------ ---------- ---------------------- ---------------------- ------------ 1 system 4.1(3)N1(1) 4.2(1)N1(1) yes 1 kickstart 4.1(3)N1(1) 4.2(1)N1(1) yes 1 bios v1.3.0(09/08/09) no 100 fex 4.1(3)N1(1) 4.2(1)N1(1) yes Switch will be reloaded for disruptive upgrade. Do you want to continue with the installation (y/n)? [n] y Install is in progress, please wait. Setting boot variables. [####################] 100% -- SUCCESS Performing configuration copy. [####################] 100% -- SUCCESS Module 1: Refreshing compact flash and upgrading bios/loader/bootrom. Warning: please do not remove or power off the module at this time. [####################] 100% -- SUCCESS Pre-loading modules. [This step might take up to 20 minutes to complete - please wait.] [# ] 0%2010 Jun 10 18:27:25 N5K1 %$ VDC-1 %$ %SATCTRL-2-SATCTRL_IMAGE: FEX100 Image update in progress. [##### ] 20% [###### ] 25%2010 Jun 10 18:32:54 N5K1 %$ VDC-1 %$ %SATCTRL-2-SATCTRL_IMAGE: FEX100 Image update complete. Install pending [####################] 100% -- SUCCESS Finishing the upgrade, switch will reboot in 10 seconds. switch# switch# switch# writing reset reason 31, Broadcast message from root (Thu Jun 10 18:33:16 2010): INIT: Sending processes the TERM signal Jun 10 18:33:17 %LIBSYSMGR-3-SIGTERM_FORCE_EXIT Service "stp" (PID 2843) is forced exit. Jun 10 18:33:17 %LIBSYSMGR-3-SIGTERM_FORCE_EXIT Service "netstack" (PID 2782) is forced exit. Jun 10 18:33:17 %LIBSYSMGR-3-SIGTERM_FORCE_EXIT Service "Security Daemon" (PID 2706) is forced exit. Jun 10 18:33:17 %LIBSYSMGR-3-SIGTERM_FORCE_EXIT Service "Cert_enroll Daemon" (PID 2707) is forced exit. Jun 10 18:33:17 %LIBSYSMGR-3-SIGTERM_FORCE_EXIT Service "igmp" (PID 2808) is forced exit. Jun 10 18:33:17 %LIBSYSMGR-3-SIGTERM_FORCE_EXIT Service "Radius Daemon" (PID 2806) is forced exit. Jun 10 18:33:17 %LIBSYSMGR-3-SIGTERM_FORCE_EXIT Service "AAA Daemon" (PID 2708) is forced exit. Jun 10 18:33:17 %LIBSYSMGR-3-SIGTERM_FORCE_EXIT Service "vshd" (PID 2636) is forced exit. Jun 10 18:33:17 %LIBSYSMGR-3-SIGTERM_FORCE_EXIT Service "vlan_mgr" (PID 2737) is forced exit. Jun 10 18:33:17 %LIBSYSMGR-3-SIGTERM_FORCE_EXIT Service "vdc_mgr" (PID 2681) is forced exit. Jun 10 18:33:17 %LIBSYSMGR-3-SIGTERM_FORCE_EXIT Service "urib" (PID 2718) is forced exit. Jun 10 18:33:17 %LIBSYSMGR-3-SIGTERM_FORCE_EXIT Service "u6rib" (PID 2717) is forced exit. Jun 10 18:33:17 %TTYD-2-TTYD_ERROR TTYD Error ttyd bad select Jun 10 18:33:17 %LIBSYSMGR-3-SIGTERM_FORCE_EXIT Service "statsclient" (PID 2684) is forced exit. Jun 10 18:33:17 %LIBSYSMGR-3-SIGTERM_FORCE_EXIT Service "smm" (PID 2637) is forced exit. Jun 10 18:33:17 %LIBSYSMGR-3-SIGTERM_FORCE_EXIT Service "res_mgr" (PID 2688) is forced exit. Jun 10 18:33:17 %LIBSYSMGR-3-SIGTERM_FORCE_EXIT Service "licmgr" (PID 2641) is forced exit. Jun 10 18:33:17 %LIBSYSMGR-3-SIGTERM_FORCE_EXIT Service "l3vm" (PID 2715) is forced exit. Jun 10 18:33:17 %LIBSYSMGR-3-SIGTERM_FORCE_EXIT Service "icmpv6" (PID 2781) is forced exit. Jun 10 18:33:17 %LIBSYSMGR-3-SIGTERM_FORCE_EXIT Service "eth_dstats" (PID 2700) is forced exit. Jun 10 18:33:17 %LIBSYSMGR-3-SIGTERM_FORCE_EXIT Service "arp" (PID 2780) is forced exit. Jun 10 18:33:17 %LIBSYSMGR-3-SIGTERM_FORCE_EXIT Service "fs-daemon" (PID 2642) is forced exit. Jun 10 18:33:17 %LIBSYSMGR-3-SIGTERM_FORCE_EXIT Service "ascii-cfg" (PID 2704) is forced exit. Jun 10 18:33:17 %LIBSYSMGR-3-SIGTERM_FORCE_EXIT Service "adjmgr" (PID 2771) is forced exit. Jun 10 18:33:19 Unexporting directories for NFS kernel daemon...done. Stopping NFS kernel daemon: rpc.mountd rpc.nfsddone. Unexporting directories for NFS kernel daemon... done. Stopping portmap daemon: portmap. Stopping kernel log daemon: klogd. Sending all processes the TERM signal... done. Sending all processes the KILL signal... done. Unmounting remote filesystems... done. Deactivating swap...umount: none busy - remounted read-only done. Unmounting local filesystems...umount: none busy - remounted read-only done. mount: you must specify the filesystem type Starting reboot command: reboot Rebooting... Restarting system. The switch reboots and restarts with the new image. For detailed information about the install all command, see Using the install all Command.
|
||
Step 8 |
Verify that the switch is running the required software release. switch# show version Cisco Nexus Operating System (NX-OS) Software TAC support: http://www.cisco.com/tac Copyright ©) 2002-2010, Cisco Systems, Inc. All rights reserved. The copyrights to certain works contained herein are owned by other third parties and are used and distributed under license. Some parts of this software are covered under the GNU Public License. A copy of the license is available at http://www.gnu.org/licenses/gpl.html. Software BIOS: version 1.2.0 loader: version N/A kickstart: version 4.2(1)N1(1) [build 4.2(1)N1(0.96)] system: version 4.2(1)N1(1) [build 4.2(1)N1(0.96)] BIOS compile time: 06/19/09 kickstart image file is: bootflash:/n5000-uk9-kickstart.4.2.1.N1.0.96.bin kickstart compile time: 7/14/2010 4:00:00 [07/14/2010 04:27:38] system image file is: bootflash:/n5000-uk9.4.2.1.N1.0.96.bin system compile time: 7/14/2010 4:00:00 [07/14/2010 05:20:12] Hardware cisco Nexus5020 Chassis ("40x10GE/Supervisor") Intel®) Celeron®) M CPU with 2074240 kB of memory. Processor Board ID JAB1232002F Device name: switch bootflash: 1003520 kB Kernel uptime is 13 day(s), 23 hour(s), 25 minute(s), 5 second(s) Last reset at 720833 usecs after Tue Jul 14 11:18:32 2010 Reason: Reset by installer System version: 4.2(1)N1(0.96) Service: plugin Core Plugin, Ethernet Plugin |
This section describes how to upgrade Cisco NX-OS software from Release 4.2(1)N1(1) and later releases. Upgrading Cisco NX-OS software on a Cisco Nexus 5000 Series switch will also perform a rolling upgrade on any associated Fabric Extenders.
In topologies with multiple Cisco Nexus 5000 Series switches, you must choose which switch to upgrade first. You can upgrade either the primary or secondary switches first. The first switch that is upgraded will upgrade the associated Fabric Extenders. You must wait to upgrade additional switches until the first switch upgrade is complete. During the upgrade process, the switches will be run different software versions
An upgrade from NX-OS Release 4.2(1)N1(1) and later releases can be disruptive or nondisruptive. If the ISSU prerequisites are not met or if the installation checks determine that the installation would be disruptive, you can perform a disruptive upgrade. To perform a disruptive upgrade, follow the procedure described in Upgrading from Cisco NX-OS Release 4.1(3)N2(1) and Earlier Releases (Disruptive Upgrade). If the ISSU prerequisites are met and if the installation checks determine that the installion is nondisruptive, you can follow the procedure described in this section.
For important release-specific information, read the release notes for the new image file. See the Cisco Nexus 5000 Series and Cisco Nexus 2000 Series Release Notes at http://www.cisco.com/en/US/products/ps9670/prod_release_notes_list.html.
This procedure requires the following:
1. Log in to the first Cisco Nexus 5000 Series switch. It is recommended that you log in to the console port. In vPC topologies, the first upgrade can be performed on either the primary or secondary switch in the topology.
2. Log in to Cisco.com to access the Software Download Center. To log in to Cisco.com, go to http://www.cisco.com/ and click Log In at the top of the page. Enter your Cisco username and password.
3. Select and download the kickstart and system software files to the server.
4. Verify that the required space is available in the bootflash: directory for the image file(s) to be copied.
5. If you need more space in the bootflash: directory, delete unnecessary files to make space available.
6. Copy the Cisco NX-OS kickstart and system images to the bootflash using a transfer protocol such as ftp:, tftp:, scp:, or sftp:. The examples in this procedure use scp:.
7. Compare the file sizes of the images that were transferred using the dir bootflash command. The file sizes of the images obtained from Cisco.com and the image sizes of the transferred files should be the same.
8. Complete Steps 1 through Step 9 for each Cisco Nexus 5000 Series switch in the topology.
9. On the first Cisco Nexus 5000 Series switch, enter the show install all impact command to identify the upgrade impact.
10. Enter the show spanning-tree issu-impact command to display the impact of the upgrade.
11. Enter the show lacp issue-impact command to display the impact of the upgrade.
12. Save the running configuration to the start configuration.
13. Enter the show vpc role command to verify the vPC switch role.
14. Enter the install all command to update to the latest Cisco NX-OS software.
15. Enter the show install all status command to verify the status of the installation.
16. Log in and upgrade the next Cisco Nexus 5000 Series switch beginning with Step 9.
Step 1 |
Log in to the first Cisco Nexus 5000 Series switch. It is recommended that you log in to the console port. In vPC topologies, the first upgrade can be performed on either the primary or secondary switch in the topology.
|
||
Step 2 |
Log in to Cisco.com to access the Software Download Center. To log in to Cisco.com, go to http://www.cisco.com/ and click Log In at the top of the page. Enter your Cisco username and password.
You see links to the download images for the switch. |
||
Step 3 | Select and download the kickstart and system software files to the server. | ||
Step 4 |
Verify that the required space is available in the bootflash: directory for the image file(s) to be copied.
switch# dir bootflash:
21778944 May 25 23:17:44 2010 n5000-uk9-kickstart.4.2.1.N1.1.bin
22557184 Jun 09 23:17:11 2010 n5000-uk9-kickstart.4.2.1.N1.1a.bin
20816384 Jun 27 22:28:55 2010 n5000-uk9-kickstart.4.2.1.N1.1b.bin
181095489 May 25 23:11:47 2010 n5000-uk9.4.2.1.N1.1.bin
181204582 Jun 09 23:10:02 2010 n5000-uk9.4.2.1.N1.1a.bin
181548598 Jun 27 22:34:46 2010 n5000-uk9.4.2.1.N1.1b.bin
Usage for bootflash://sup-local
609001181 bytes used
5550080 bytes free
603451101 bytes total
|
||
Step 5 |
If you need more space in the bootflash: directory, delete unnecessary files to make space available. switch# delete bootflash:n5000-uk9-kickstart.4.2.1.N1.1.bin switch# delete bootflash:n5000-uk9.4.2.1.N1.1.bin |
||
Step 6 |
Copy the Cisco NX-OS kickstart and system images to the bootflash using a transfer protocol such as ftp:, tftp:, scp:, or sftp:. The examples in this procedure use scp:.
switch# copy scp://user@scpserver.cisco.com//downloads/n5000-uk9-kickstart.4.2.1.N1.1b.bin switch# copy scp://user@scpserver.cisco.com//downloads/n5000-uk9.4.2.1.N1.1b.bin |
||
Step 7 | Compare the file sizes of the images that were transferred using the dir bootflash command. The file sizes of the images obtained from Cisco.com and the image sizes of the transferred files should be the same. | ||
Step 8 |
Complete Steps 1 through Step 9 for each Cisco Nexus 5000 Series switch in the topology.
Be sure to copy the images to all Cisco Nexus 5000 Series switches in the topology before proceeding with the upgrade. |
||
Step 9 |
On the first Cisco Nexus 5000 Series switch, enter the show install all impact command to identify the upgrade impact. switch# show install all impact kickstart bootflash:n5000-uk9-kickstart.4.2.1.N1.1b.bin system bootflash:n5000-uk9.4.2.1.N1.1b.bin Verifying image bootflash:/n5000-uk9-kickstart.4.2.1.N1.1b.bin for boot variable "kickstart". [####################] 100% -- SUCCESS Verifying image bootflash:/n5000-uk9.4.2.1.N1.1b.bin for boot variable "system". [####################] 100% -- SUCCESS Verifying image type. [########### ] 50% [####################] 100% -- SUCCESS Extracting "system" version from image bootflash:/n5000-uk9.4.2.1.N1.1b.bin. [####################] 100% -- SUCCESS Extracting "kickstart" version from image bootflash:/n5000-uk9-kickstart.4.2.1.N1.1b.bin. [####################] 100% -- SUCCESS Extracting "bios" version from image bootflash:/n5000-uk9.4.2.1.N1.1b.bin. [####################] 100% -- SUCCESS Extracting "fex" version from image bootflash:/n5000-uk9.4.2.1.N1.1b.bin. [####################] 100% -- SUCCESS Notifying services about system upgrade. [####################] 100% -- SUCCESS Compatibility check is done: Module bootable Impact Install-type Reason ------ -------- -------------- ------------ ------ 1 yes non-disruptive reset 100 yes non-disruptive rolling Images will be upgraded according to following table: Module Image Running-Version New-Version Upg-Required ------ ---------- ---------------------- ---------------------- ------------ 1 system 4.2(1)N1(1a) 4.2(1)N1(1b) yes 1 kickstart 4.2(1)N1(1a) 4.2(1)N1(1b) yes 1 bios v1.3.0(09/08/09) v1.3.0(09/08/09) no 100 fex 4.2(1)N1(1a) 4.2(1)N1(1b) yes 1 power-seq v1.2 v1.2 no |
||
Step 10 |
Enter the show spanning-tree issu-impact command to display the impact of the upgrade.
switch# show spanning-tree issu-impact Following are the statistics on this switch No Active Topology change Found! Criteria 1 PASSED !! No Ports with BA Enabled Found! Criteria 2 PASSED!! No Non-Edge Designated Forwarding Ports Found! Criteria 3 PASSED !! ISSU Can Proceed! Check Peer Switch. |
||
Step 11 |
Enter the show lacp issue-impact command to display the impact of the upgrade. switch# show lacp issue-impact |
||
Step 12 |
Save the running configuration to the start configuration. switch# copy running-config startup-config |
||
Step 13 |
Enter the show vpc role command to verify the vPC switch role. switch# show vpc role vPC Role status ---------------------------------------------------- vPC role : secondary, operational primary Dual Active Detection Status : 0 vPC system-mac : 00:23:04:ee:be:0a vPC system-priority : 32667 vPC local system-mac : 00:0d:ec:fb:73:3c vPC local role-priority : 2 |
||
Step 14 |
Enter the install all command to update to the latest Cisco NX-OS software. For detailed information on using the install all command, see Using the install all Command. switch# install all kickstart n5000-uk9-kickstart.4.2.1.N1.1b.bin system n5000-uk9.4.2.1.N1.1b.bin Verifying image bootflash:/n5000-uk9-kickstart.4.2.1.N1.1b.bin for boot variable "kickstart". [####################] 100% -- SUCCESS Verifying image bootflash:/n5000-uk9.4.2.1.N1.1b.bin for boot variable "system". [####################] 100% -- SUCCESS Verifying image type. [####################] 100% -- SUCCESS Extracting "system" version from image bootflash:/n5000-uk9.4.2.1.N1.1b.bin. [####################] 100% -- SUCCESS Extracting "kickstart" version from image bootflash:/n5000-uk9-kickstart.4.2.1.N1.1b.bin. [####################] 100% -- SUCCESS Extracting "bios" version from image bootflash:/n5000-uk9.4.2.1.N1.1b.bin. [####################] 100% -- SUCCESS Extracting "fex" version from image bootflash:/n5000-uk9.4.2.1.N1.1b.bin. [####################] 100% -- SUCCESS Notifying services about system upgrade. [####################] 100% -- SUCCESS Compatibility check is done: Module bootable Impact Install-type Reason ------ -------- -------------- ------------ ------ 1 yes non-disruptive reset 100 yes non-disruptive rolling Images will be upgraded according to following table: Module Image Running-Version New-Version Upg-Required ------ ---------- ---------------------- ---------------------- ------------ 1 system 4.2(1)N1(1a) 4.2(1)N1(1b) yes 1 kickstart 4.2(1)N1(1a) 4.2(1)N1(1b) yes 1 bios v1.3.0(09/08/09) v1.3.0(09/08/09) no 100 fex 4.2(1)N1(1a) 4.2(1)N1(1b) yes 1 power-seq v1.2 v1.2 no Do you want to continue with the installation (y/n)? [n] y Install is in progress, please wait. Notifying services about the upgrade. [####################] 100% -- SUCCESS Setting boot variables. [####################] 100% -- SUCCESS Performing configuration copy. [####################] 100% -- SUCCESS Module 1: Refreshing compact flash and upgrading bios/loader/bootrom/power-seq. Warning: please do not remove or power off the module at this time. Note: Power-seq upgrade needs a power-cycle to take into effect. On success of power-seq upgrade, SWITCH OFF THE POWER to the system and then, power it up. [####################] 100% -- SUCCESS Upgrade can no longer be aborted, any failure will result in a disruptive upgrade. Requesting Line Cards to stop communication. [####################] 100% -- SUCCESS Requesting Sup Apps to stop communication. [####################] 100% -- SUCCESS Freeing memory in the file system. [####################] 100% -- SUCCESS Loading images into memory. [####################] 100% -- SUCCESS Saving supervisor runtime state. [####################] 100% -- SUCCESS Saving mts state. writing reset reason 88, <NULL> [####################] 100% -- SUCCESS Rebooting the switch to proceed with the upgrade. All telnet and ssh connections will now be terminated. Starting new kernel Calling kexec callback Moving to new kernel Calling into reboot_code_buffer code Starting kernel... Usage: init 0123456SsQqAaBbCcUu INIT: version 2.85 booting I2C - Mezz present Creating /callhome.. Mounting /callhome.. Creating /callhome done. Callhome spool file system init done. Checking all filesystems..... done. . Loading system software Uncompressing system image: bootflash:/n5000-uk9.4.2.1.N1.1b.bin Loading plugin 0: core_plugin... plugin_link_to_exec_path: plugin_path = /isan/plugin/0, tar_log = /isan/plugin_extract_log/0 Loading plugin 1: eth_plugin... plugin_link_to_exec_path: plugin_path = /isan/plugin/1, tar_log = /isan/plugin_extract_log/1 plugin_file_is_excluded_from_exec_path: /boot/ is excluded from linking plugin_file_is_excluded_from_exec_path: /boot/etc/ is excluded from linking plugin_file_is_excluded_from_exec_path: /boot/etc/plugin_exclude.conf is excluded from linking plugin_file_is_excluded_from_exec_path: /boot/lib/ is excluded from linking plugin_file_is_excluded_from_exec_path: /boot/lib/libplugin_sysreg.so is excluded from linking plugin_file_is_excluded_from_exec_path: /boot/lib/libplugin_sysreg.so.0 is excluded from linking plugin_file_is_excluded_from_exec_path: /boot/lib/libplugin_sysreg.so.0.0.0 is excluded from linking plugin_file_is_excluded_from_exec_path: /boot/ is excluded from linking INIT: Entering runlevel: 3om_exec_path: /boot/etc/ is excluded Exporting directories for NFS kernel daemon...done. Starting NFS kernel daemon:rpc.nfsd. rpc.mountddone. Setting envvar: SYSMGR_SERVICE_NAME to muxif_service Set envvar SYSMGR_SERVICE_NAME to muxif_service /isan/bin/muxif_config: argc:2 muxif_init....vacl: ret: 0 Set name-type for VLAN subsystem. Should be visible in /proc/net/vlan/config Added VLAN with VID == 4042 to IF -:muxif:- 2010 Jun 9 23:43:56 N5K1 %$ VDC-1 %$ %USER-2-SYSTEM_MSG: CLIS: loading cmd files begin - clis Continuing with installation process, please wait. The login will be disabled until the installation is completed. 2010 Jun 9 23:44:25 N5K1 %$ VDC-1 %$ %KERN-2-SYSTEM_MSG: Starting kernel... - kernel Performing supervisor state verification. 2010 Jun 9 23:44:25 N5K1 %$ VDC-1 %$ %KERN-0-SYSTEM_MSG: I2C - Mezz present - kernel [####################] 100% -- SUCCESS Supervisor non-disruptive upgrade successful. Pre-loading modules. [This step might take upto 20 minutes to complete - please wait.] [*Warning -- Please do not abort installation/reload or powercycle fexes*] [# ] 0%2010 Jun 9 23:44:34 N5K1 %$ VDC-1 %$ %SATCTRL-FEX100-2-SATCTRL_IMAGE: FEX100 Image update in progress. 2010 Jun 9 23:45:05 N5K1 %$ VDC-1 %$ %USER-2-SYSTEM_MSG: CLIS: loading cmd files end - clis 2010 Jun 9 23:45:05 N5K1 %$ VDC-1 %$ %USER-2-SYSTEM_MSG: CLIS: init begin - clis 2010 Jun 9 23:45:11 N5K1 %$ VDC-1 %$ %PFMA-2-FEX_STATUS: Fex 100 is online [##### ] 20%2010 Jun 9 23:50:46 N5K1 %$ VDC-1 %$ %SATCTRL-FEX100-2-SATCTRL_IMAGE: FEX100 Image update complete. Install pending [####################] 100% -- SUCCESS Module 100: Non-disruptive upgrading. [# ] 0%2010 Jun 9 23:52:12 N5K1 %$ VDC-1 %$ %NOHMS-2-NOHMS_ENV_FEX_ONLINE: FEX-100 On-line 2010 Jun 9 23:52:12 N5K1 %$ VDC-1 %$ %PFMA-2-FEX_STATUS: Fex 100 is online [####################] 100% -- SUCCESS Install has been successful. |
||
Step 15 |
Enter the show install all status command to verify the status of the installation. switch# show install all status This is the log of last installation. Continuing with installation process, please wait. The login will be disabled until the installation is completed. Performing supervisor state verification. SUCCESS Supervisor non-disruptive upgrade successful. Pre-loading modules. SUCCESS Module 100: Non-disruptive upgrading. SUCCESS Install has been successful. |
||
Step 16 |
Log in and upgrade the next Cisco Nexus 5000 Series switch beginning with Step 9. To monitor the progress of the upgrade, use the console port. If you use Telnet or SSH to access the Cisco Nexus 5000 series switch, you will lose connectivity to the switch when the control plane is reloaded as part of the ISSU. |
During the process of upgrading from Release 4.2(1)N1(1) and later releases, if a disruptive upgrade is identified, you can force an upgrade by using the install all force command
switch # install all force kickstart bootflash:/kickstart_image.bin system bootflash:/system_image.bin Installer is forced disruptive Verifying image bootflash:/kickstart_image.bin for boot variable "kickstart". [####################] 100% -- SUCCESS Verifying image bootflash:/system_image.bin for boot variable "system". ...
You an also add force at the end of the install all command as follows:
switch # install all kickstart bootflash:/kickstart_image.bin system bootflash:/system_image.bin force Installer is forced disruptive Verifying image bootflash:/kickstart_image.bin for boot variable "kickstart". ...
You can monitor vPC peer switches during upgrades using the console port, Telnet, or SSH sessions. The vPC switches will not disconnect during the installation process when the peer switch is undergoing an ISSU.
At the point during the upgrade when you choose to continue the installation, a message is displayed on Cisco Nexus 5000 Series switches in the vPC topology to indicate that an installation is occuring on a peer switch.
Do you want to continue (y/n) [n] : y
2010 Feb 4 00:07:16 MN5020-4 %$ VDC-1 %$ %VPC-2-VPC_ISSU_START: Peer vPC switch ISSU start, locking configuration
Note |
During an upgrade, the configuration on peer switches is locked and the vPC state on vPC peer switches is suspended until the upgrade is complete. |
The following example shows the output of the install all command. The second example shows the output when the Fabric Extender rolling upgrades are occurring.
Note |
The output of the command depends on the software image. |
switch# install all kickstart n5000-uk9-kickstart.4.2.1.N1.1b.bin system n5000-uk9.4.2.1.N1.1b.bin Verifying image bootflash:/n5000-uk9-kickstart.4.2.1.N1.1b.bin for boot variable "kickstart". [####################] 100% -- SUCCESS Verifying image bootflash:/n5000-uk9.4.2.1.N1.1b.bin for boot variable "system". [####################] 100% -- SUCCESS Verifying image type. [####################] 100% -- SUCCESS Extracting "system" version from image bootflash:/n5000-uk9.4.2.1.N1.1b.bin. [####################] 100% -- SUCCESS Extracting "kickstart" version from image bootflash:/n5000-uk9-kickstart.4.2.1.N1.1b.bin. [####################] 100% -- SUCCESS Extracting "bios" version from image bootflash:/n5000-uk9.4.2.1.N1.1b.bin. [####################] 100% -- SUCCESS Extracting "fex" version from image bootflash:/n5000-uk9.4.2.1.N1.1b.bin. [####################] 100% -- SUCCESS Notifying services about system upgrade. [####################] 100% -- SUCCESS Compatibility check is done: Module bootable Impact Install-type Reason ------ -------- -------------- ------------ ------ 1 yes non-disruptive reset 100 yes non-disruptive rolling Images will be upgraded according to following table: Module Image Running-Version New-Version Upg-Required ------ ---------- ---------------------- ---------------------- ------------ 1 system 4.2(1)N1(1a) 4.2(1)N1(1b) yes 1 kickstart 4.2(1)N1(1a) 4.2(1)N1(1b) yes 1 bios v1.3.0(09/08/09) v1.3.0(09/08/09) no 100 fex 4.2(1)N1(1a) 4.2(1)N1(1b) yes 1 power-seq v1.2 v1.2 no Do you want to continue with the installation (y/n)? [n] y Install is in progress, please wait. Notifying services about the upgrade. [####################] 100% -- SUCCESS Setting boot variables. [####################] 100% -- SUCCESS Performing configuration copy. [####################] 100% -- SUCCESS Module 1: Refreshing compact flash and upgrading bios/loader/bootrom/power-seq. Warning: please do not remove or power off the module at this time. Note: Power-seq upgrade needs a power-cycle to take into effect. On success of power-seq upgrade, SWITCH OFF THE POWER to the system and then, power it up. [####################] 100% -- SUCCESS Upgrade can no longer be aborted, any failure will result in a disruptive upgrade. Requesting Line Cards to stop communication. [####################] 100% -- SUCCESS Requesting Sup Apps to stop communication. [####################] 100% -- SUCCESS Freeing memory in the file system. [####################] 100% -- SUCCESS Loading images into memory. [####################] 100% -- SUCCESS Saving supervisor runtime state. [####################] 100% -- SUCCESS Saving mts state. writing reset reason 88, <NULL> [####################] 100% -- SUCCESS Rebooting the switch to proceed with the upgrade. All telnet and ssh connections will now be terminated. Starting new kernel Calling kexec callback Moving to new kernel Calling into reboot_code_buffer code Starting kernel... Usage: init 0123456SsQqAaBbCcUu INIT: version 2.85 booting I2C - Mezz present Creating /callhome.. Mounting /callhome.. Creating /callhome done. Callhome spool file system init done. Checking all filesystems..... done. . Loading system software Uncompressing system image: bootflash:/n5000-uk9.4.2.1.N1.1b.bin Loading plugin 0: core_plugin... plugin_link_to_exec_path: plugin_path = /isan/plugin/0, tar_log = /isan/plugin_extract_log/0 Loading plugin 1: eth_plugin... plugin_link_to_exec_path: plugin_path = /isan/plugin/1, tar_log = /isan/plugin_extract_log/1 plugin_file_is_excluded_from_exec_path: /boot/ is excluded from linking plugin_file_is_excluded_from_exec_path: /boot/etc/ is excluded from linking plugin_file_is_excluded_from_exec_path: /boot/etc/plugin_exclude.conf is excluded from linking plugin_file_is_excluded_from_exec_path: /boot/lib/ is excluded from linking plugin_file_is_excluded_from_exec_path: /boot/lib/libplugin_sysreg.so is excluded from linking plugin_file_is_excluded_from_exec_path: /boot/lib/libplugin_sysreg.so.0 is excluded from linking plugin_file_is_excluded_from_exec_path: /boot/lib/libplugin_sysreg.so.0.0.0 is excluded from linking plugin_file_is_excluded_from_exec_path: /boot/ is excluded from linking INIT: Entering runlevel: 3om_exec_path: /boot/etc/ is excluded Exporting directories for NFS kernel daemon...done. Starting NFS kernel daemon:rpc.nfsd. rpc.mountddone. Setting envvar: SYSMGR_SERVICE_NAME to muxif_service Set envvar SYSMGR_SERVICE_NAME to muxif_service /isan/bin/muxif_config: argc:2 muxif_init....vacl: ret: 0 Set name-type for VLAN subsystem. Should be visible in /proc/net/vlan/config Added VLAN with VID == 4042 to IF -:muxif:- 2010 Jun 9 23:43:56 N5K1 %$ VDC-1 %$ %USER-2-SYSTEM_MSG: CLIS: loading cmd files begin - clis Continuing with installation process, please wait. The login will be disabled until the installation is completed. 2010 Jun 9 23:44:25 N5K1 %$ VDC-1 %$ %KERN-2-SYSTEM_MSG: Starting kernel... - kernel Performing supervisor state verification. 2010 Jun 9 23:44:25 N5K1 %$ VDC-1 %$ %KERN-0-SYSTEM_MSG: I2C - Mezz present - kernel [####################] 100% -- SUCCESS Supervisor non-disruptive upgrade successful. Pre-loading modules. [This step might take upto 20 minutes to complete - please wait.] [*Warning -- Please do not abort installation/reload or powercycle fexes*] [# ] 0%2010 Jun 9 23:44:34 N5K1 %$ VDC-1 %$ %SATCTRL-FEX100-2-SATCTRL_IMAGE: FEX100 Image update in progress. 2010 Jun 9 23:45:05 N5K1 %$ VDC-1 %$ %USER-2-SYSTEM_MSG: CLIS: loading cmd files end - clis 2010 Jun 9 23:45:05 N5K1 %$ VDC-1 %$ %USER-2-SYSTEM_MSG: CLIS: init begin - clis 2010 Jun 9 23:45:11 N5K1 %$ VDC-1 %$ %PFMA-2-FEX_STATUS: Fex 100 is online [##### ] 20%2010 Jun 9 23:50:46 N5K1 %$ VDC-1 %$ %SATCTRL-FEX100-2-SATCTRL_IMAGE: FEX100 Image update complete. Install pending [####################] 100% -- SUCCESS Module 100: Non-disruptive upgrading. [# ] 0%2010 Jun 9 23:52:12 N5K1 %$ VDC-1 %$ %NOHMS-2-NOHMS_ENV_FEX_ONLINE: FEX-100 On-line 2010 Jun 9 23:52:12 N5K1 %$ VDC-1 %$ %PFMA-2-FEX_STATUS: Fex 100 is online [####################] 100% -- SUCCESS Install has been successful.
Note |
In vPC topologies, a message is displayed on all Cisco Nexus 5000 Series switches in the topology to indicate that an installation is occurring on a peer switch. For information on viewing the status of vPC switches during an upgrade, see Monitoring vPC Peer Switches During an Upgrade. |
The following example shows the output on the Cisco Nexus 5000 Series switch when the switch has been upgraded and the rolling upgrade on the Fabric Extenders is occurring. The fabric extenders in the example are Fex 198 and Fex 199.
Pre-loading modules. [This step might take upto 20 minutes to complete - please wait.] 2010 Feb 3 22:53:21 MN5010-3 %$ VDC-1 %$ %SATCTRL-FEX199-2-SATCTRL_IMAGE: FEX199 Image update in progress. 2010 Feb 3 22:53:21 MN5010-3 %$ VDC-1 %$ %SATCTRL-FEX198-2-SATCTRL_IMAGE: FEX198 Image update in progress. 2010 Feb 3 22:53:51 MN5010-3 %$ VDC-1 %$ %USER-2-SYSTEM_MSG: CLIS: loading cmd files end - clis 2010 Feb 3 22:53:51 MN5010-3 %$ VDC-1 %$ %USER-2-SYSTEM_MSG: CLIS: init begin - clis 2010 Feb 3 22:53:59 MN5010-3 %$ VDC-1 %$ %PFMA-2-FEX_STATUS: Fex 198 is online 2010 Feb 3 22:53:59 MN5010-3 %$ VDC-1 %$ %PFMA-2-FEX_STATUS: Fex 199 is online [###### ] 25%2010 Feb 3 22:59:25 MN5010-3 %$ VDC-1 %$ %SATCTRL-FEX199-2-SATCTRL_IMAGE: FEX199 Image update complete. Install pending 2010 Feb 3 22:59:28 MN5010-3 %$ VDC-1 %$ %SATCTRL-FEX198-2-SATCTRL_IMAGE: FEX198 Image update complete. Install pending [####################] 100% -- SUCCESS Module 198: Non-disruptive upgrading. 2010 Feb 3 23:00:40 MN5010-3 %$ VDC-1 %$ %NOHMS-2-NOHMS_ENV_FEX_ONLINE: FEX-198 On-line 2010 Feb 3 23:00:40 MN5010-3 %$ VDC-1 %$ %PFMA-2-FEX_STATUS: Fex 198 is online [####################] 100% -- SUCCESS Module 199: Non-disruptive upgrading. 2010 Feb 3 23:01:54 MN5010-3 %$ VDC-1 %$ %NOHMS-2-NOHMS_ENV_FEX_ONLINE: FEX-199 On-line 2010 Feb 3 23:01:54 MN5010-3 %$ VDC-1 %$ %PFMA-2-FEX_STATUS: Fex 199 is online ####################] 100% -- SUCCESS Install has been successful.
Note |
When the switch output shows Install has been successful... , the ISSU has completed on the first Cisco Nexus 5000 Series switch and the associated Cisco Nexus 2000 Series Fabric Extenders. If the upgrade is performed in a vPC topology, you must continue to upgrade each additional Cisco Nexus 5000 Series switch. |
This example shows the recommended steps to upgrade the switch software in the dual-homed topology shown in the figure below. In this topology, each fabric extender is dual-homed to a pair of Nexus 5000 Series switches and each server is configured with active/standby connections. During the upgrade, each server maintains its connectivity to the network while the switches and fabric extenders are upgraded. The example upgrade is from NX-OS Release 4.1(3)N1(1). This is a disruptive upgrade. For additional information on the disruptive upgrade procedure, see Upgrading from cisco NX-OS Release 4.1(3)N2(1) and Earlier Releases (Disruptive Upgrade).
This procedure requires the following:
1. Log in to the primary switch using the console connection.
2. Download the appropriate kickstart and system images.
3. Copy the images to the bootflash of each Nexus 5000 Series switch.
4. Issue the show install all impact command.
5. Issue the install all kickstart <image> system <image> command.
6. Update the boot variable on the secondary switch to reflect the new image.
7. From the secondary switch, reload the first fabric extender and then the second fabric extender.
8. On the secondary switch, issue the reload command.
The procedure to downgrade the switch is identical to a switch upgrade, except that the image files to be loaded are for an earlier release than the image that is currently running on the switch.
Note |
Before you downgrade to a specific release, check the release notes for the current release installed on the switch, to ensure that your hardware is compatible with the specific release. You must be aware of special caveats before you downgrade the switch software to a Cisco NX-OS 4.0(0)-based release. See the Cisco Nexus 5000 Series and Cisco Nexus 2000 Series Release Notes for details. |
1. Locate the image files that you will use for the downgrade by entering the dir bootflash: command.
3. Verify that the switch is running the required software release.
Step 1 |
Locate the image files that you will use for the downgrade by entering the dir bootflash: command. If the image files are not stored on the bootflash memory, download the files from Cisco.com: |
||
Step 2 |
Install the new images. switch# install all kickstart bootflash:n5000-uk9-kickstart.4.0.1a.N1.0.62.bin system bootflash:n5000-uk9.4.0.1a.N1.0.62.bin For detailed information on using the install all command, see Using the install all Command. Warning: please do not remove or power off the module at this time. Note: Power-seq upgrade needs a power-cycle to take into effect. On success of power-seq upgrade, SWITCH OFF THE POWER to the system and then, power it up.
|
||
Step 3 |
Verify that the switch is running the required software release. switch# show version Cisco Nexus Operating System (NX-OS) Software TAC support: http://www.cisco.com/tac Copyright ©) 2002-2009, Cisco Systems, Inc. All rights reserved. The copyrights to certain works contained herein are owned by other third parties and are used and distributed under license. Some parts of this software are covered under the GNU Public License. A copy of the license is available at http://www.gnu.org/licenses/gpl.html. Software BIOS: version 1.2.0 loader: version N/A kickstart: version 4.0(1a)N1(1) [build 4.0(1a)N1(0.62)] system: version 4.0(1a)N1(1) [build 4.0(1a)N1(0.62)] BIOS compile time: 06/19/08 kickstart image file is: bootflash:/n5000-uk9-kickstart.4.0.1a.N1.0.62.bin kickstart compile time: 7/14/2009 4:00:00 [07/14/2009 04:27:38] system image file is: bootflash:/n5000-uk9.4.0.1a.N1.0.62.bin system compile time: 7/14/2009 4:00:00 [07/14/2009 05:20:12] Hardware cisco Nexus5020 Chassis ("40x10GE/Supervisor") Intel®) Celeron®) M CPU with 2074240 kB of memory. Processor Board ID JAB1232002F Device name: switch bootflash: 1003520 kB Kernel uptime is 13 day(s), 23 hour(s), 25 minute(s), 5 second(s) Last reset at 720833 usecs after Tue Jul 14 11:18:32 2009 Reason: Reset by installer System version: 4.0(1a)N1(0.62) Service: plugin Core Plugin, Ethernet Plugin |
For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.